• Mehr als 3 Millionen Wörter Inhalt
  • |
  • info@itmedialaw.com
  • |
  • Tel: 03322 5078053
Rechtsanwalt Marian Härtel - ITMediaLaw

No products in the cart.

  • en English
  • de Deutsch
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Kurzberatung
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
Rechtsanwalt Marian Härtel - ITMediaLaw

ECJ ruling on the GDPR: Consequences and recommendations for action for companies processing personal data

15. May 2023
in Data protection Law
Reading Time: 4 mins read
0 0
A A
0
20200427 Eugh Diskr o Person
Key Facts
  • The GDPR has fundamentally changed corporate practices for processing personal data.
  • The ECJ ruling (C-300/21) specifies claims for damages in the event of data protection violations.
  • Three conditions must be met for claims for damages: breach, damage and causation.
  • Companies should review their data protection practices to minimize legal risks.
  • A data protection officer should be appointed to monitor compliance.
  • Transparent communication about data usage can strengthen customer trust.
  • Preventive measures are crucial to avoid future GDPR violations.

The General Data Protection Regulation (GDPR) has fundamentally changed the way companies handle personal data. It has set new standards for transparency, accountability and individual rights in relation to the processing of personal data. A recent ruling by the European Court of Justice (ECJ), Case C-300/21, clarified some important aspects of the GDPR. This ruling dealt in particular with the conditions for claims for damages in the event of breaches of the GDPR. It thus provides important clarification and guidance for companies that process personal data. In the ever-evolving digital landscape, it is critical that companies understand the current legal framework and rulings in order to meet their obligations and maintain the trust of their customers.

Content Hide
1. The ECJ ruling C-300/21: What is at stake?
2. Claims for damages and the GDPR: What does the ruling say?
3. The relevance of the ECJ ruling for companies
4. Consequences of action for companies that process personal data
5. Preventive measures for companies in handling personal data
5.1. Author: Marian Härtel

The ECJ ruling C-300/21: What is at stake?

The case concerns Austrian Post, which collected information on the political preferences of the Austrian population without the explicit consent of the persons concerned. It used an algorithm to define target group addresses and deduce that a particular citizen might have a high affinity for a particular political party. This practice constituted a violation of the General Data Protection Regulation, as the data were collected and processed without the explicit consent of the data subject. A citizen whose data was used in this way felt that his rights had been violated. He claimed to have suffered immaterial damage in the form of annoyance, loss of confidence and a feeling of being exposed as a result of this data processing and demanded compensation of 1,000 euros.

Claims for damages and the GDPR: What does the ruling say?

The ECJ ruling stated that a claim for damages is subject to three cumulative conditions: a breach of the GDPR, resulting material or immaterial damage, and a causal link between the damage and the breach. Not every breach of the GDPR automatically leads to a claim for damages. Moreover, the non-material damage does not have to reach a certain level of severity to constitute a claim for damages.

The relevance of the ECJ ruling for companies

This ruling is of great importance for companies, as it clearly defines the framework for possible claims for damages in the event of violations of the GDPR. It clarifies that not every breach of the GDPR automatically leads to a claim for damages, but that there must be a direct causal link between the breach and any resulting material or immaterial damage. In addition, the ruling underscores the need for companies to adhere to strict data protection practices to ensure compliance with the GDPR and avoid potential legal consequences.

The decision also sets a precedent for other similar proceedings, including those that could affect large tech companies like Facebook. It provides a legal basis for future cases in which users wish to claim damages for violations of the GDPR. It is therefore very likely that this ruling will be used as a reference in future court proceedings and in the assessment of data protection violations. It should therefore serve as a wake-up call for all companies that process personal data to review their data protection practices and ensure that they respect the rights of data subjects

Consequences of action for companies that process personal data

Companies that process personal data should take this ruling as an opportunity to review their data protection practices and make any necessary adjustments. A key recommendation is to implement mechanisms to review and update data processing consents. It is essential to keep data subjects’ consent up to date while communicating clearly and understandably how their data will be used.

Furthermore, companies should design their processes to identify and document any potential negative impact of their data processing activities on individuals. This is of great importance, as the ruling underlines that a direct causal link between the infringement and damage must be proven in order to claim damages.

In addition, the introduction of a comprehensive and easily accessible complaints and redress procedure could be beneficial. This should allow affected individuals to raise concerns and claim compensation if they believe their rights have been violated. Companies should also consider that the level of transparency they provide to affected individuals can have a direct impact on their trust and satisfaction. It is therefore advisable to communicate proactively and openly about data protection practices and to promote a culture of data protection responsibility.

Preventive measures for companies in handling personal data

To avoid future breaches of the GDPR and potential claims for damages, companies should take a number of preventive measures:

  1. Increase awareness and training: Employees should be regularly trained and kept up to date on the latest GDPR regulations and practices. This helps to avoid potential data breaches and create awareness of the importance of data protection within the company.
  2. Data protection officer: Companies should appoint a data protection officer who is responsible for monitoring data protection practices and policies. This person should also be the contact person for data protection issues, both internally and for data subjects.
  3. Data protection impact assessment: A data protection impact assessment should be carried out for new projects or changes that affect the processing of personal data. This can help identify and mitigate potential risks.
  4. Transparency and communication: Companies should communicate clearly and transparently about their data processing practices. Data subjects should have easy access to information and know how to exercise their rights under the GDPR.

The ECJ’s ruling in Case C-300/21 provides important guidance for companies when processing personal data. Now is the time to review data protection practices and ensure they meet the requirements of the GDPR to avoid potential legal consequences. It is clear that compliance with the GDPR is not only a legal requirement, but also an important step in ensuring the trust of customers and the public.

Marian Härtel
Author: Marian Härtel

Marian Härtel ist Rechtsanwalt und Fachanwalt für IT-Recht mit einer über 25-jährigen Erfahrung als Unternehmer und Berater in den Bereichen Games, E-Sport, Blockchain, SaaS und Künstliche Intelligenz. Seine Beratungsschwerpunkte umfassen neben dem IT-Recht insbesondere das Urheberrecht, Medienrecht sowie Wettbewerbsrecht. Er betreut schwerpunktmäßig Start-ups, Agenturen und Influencer, die er in strategischen Fragen, komplexen Vertragsangelegenheiten sowie bei Investitionsprojekten begleitet. Dabei zeichnet sich seine Beratung durch einen interdisziplinären Ansatz aus, der juristische Expertise und langjährige unternehmerische Erfahrung miteinander verbindet. Ziel seiner Tätigkeit ist stets, Mandanten praxisorientierte Lösungen anzubieten und rechtlich fundierte Unterstützung bei der Umsetzung innovativer Geschäftsmodelle zu gewährleisten.

Tags: CustomizationFacebookGeneral Data Protection RegulationInformationJudgmentsPersonal dataPrivacyRegulation

Weitere spannende Blogposts

Attention to the contract with a photographer

copyright
8. July 2019

For this reason, I would like to point out once again that operators of online shops similar websites with many...

Read moreDetails

Is the “cookie” law coming soon? Draft bill TTDSG

Choice of law by general terms and conditions not surprising per se
7. November 2022

A draft bill for the Telecommunications Telemedia Data Protection Act, or TTDSG for short, is currently being circulated. According to...

Read moreDetails

Attempt of cybergrooming to become punishable by law

versuch des cybergrooming soll strafbar werden 2
7. November 2022

Cybergrooming is the targeted response of children on the Internet with the aim of initiating sexual contacts. Cybergrooming is punishable...

Read moreDetails

“Usury” is a permissible rating on eBay

Taxes on regular eBay sales
9. November 2022

The VIII Civil Senate of the German Federal Court of Justice, which is responsible, among other things, for the law...

Read moreDetails

Homepage and search function revised

Homepage and search function revised
7. November 2022

After recently giving the site a makeover, I responded to a few criticisms and, among other things, cleaned up the...

Read moreDetails

The 5 rules of interpretation of contracts that everyone should know!

The 5 rules of interpretation of contracts that everyone should know!
5. January 2023

Rule No. 1: Doubts should always be at the expense of the user The first of the five rules of...

Read moreDetails

Tax law: What’s new in tax law besides home office?

Risk Social Security / Tax audit for streamers, esports enthusiasts, etc.
7. November 2022

Two days after the Bundestag, the Bundesrat also approved numerous new rules in tax law on 18.12.2020. The law can...

Read moreDetails

Game development: risks from code and asset production using AI

Game development: risks from code and asset production using AI
18. January 2023

In recent weeks, I have already published a few articles on the topic of AI and law. Even though I...

Read moreDetails

Establish a professional esports team? A few hints

De-Minimis funding successful; still participate now
23. September 2019

What is it all about? Both as a lawyer and as a management consultant, I have coached some esports teams...

Read moreDetails
Contractual regulations for no-code/low-code software development
Other

Contractual regulations for no-code/low-code software development

21. May 2025

No-code and low-code platforms enable rapid software development without extensive manual programming. Applications are increasingly being developed on the basis...

Read moreDetails
Erotic content on OnlyFans: Copyright and personality rights protection for creators

Erotic content on OnlyFans: Copyright and personality rights protection for creators

20. May 2025
Goodbye hustle culture? Startup life between 24/7 grind and work-life balance

Goodbye hustle culture? Startup life between 24/7 grind and work-life balance

19. May 2025
Startup buzzwords 2025: Bullshit bingo in marketing German Introduction: Bullshit bingo in marketing German

Startup buzzwords 2025: Bullshit bingo in marketing German Introduction: Bullshit bingo in marketing German

18. May 2025
From the metaverse boom to AI euphoria – a tech lawyer in the hype cycle

From the metaverse boom to AI euphoria – a tech lawyer in the hype cycle

17. May 2025

Podcastfolge

052c2ca5ca0421f0316b42073ce61791

Innovative business models – risk and opportunity at the same time

10. September 2024

In this exciting episode of our podcast, we take a deep dive into the world of innovative business models. Our...

Read moreDetails
86fe194b0c4a43e7aef2a4773b88c2c4

On the dark side? A lawyer in the field of tension of innovative start-ups

26. September 2024
Looking to the future: How technology is changing the law

Looking to the future: How technology is changing the law

18. February 2025
247f58c28882e230e982fa3a32d34dea

Digital sovereignty: Europe’s path to a self-determined digital future

8. December 2024
8ffe8f2a4228de20d20238899b3d922e

Web3, blockchain and law – a critical review

26. September 2024

Video

My transparent billing

My transparent billing

10. February 2025

In this video, I talk a bit about transparent billing and how I communicate what it costs to work with...

Read moreDetails
Fascination between law and technology

Fascination between law and technology

10. February 2025
My two biggest challenges are?

My two biggest challenges are?

10. February 2025
What really makes me happy

What really makes me happy

10. February 2025
What I love about my job!

What I love about my job!

10. February 2025
  • Privacy policy
  • Imprint
  • Contact
  • About lawyer Marian Härtel
Marian Härtel, Rathenaustr. 58a, 14612 Falkensee, info@itmedialaw.com

Marian Härtel - Rechtsanwalt für IT-Recht, Medienrecht und Startups, mit einem Fokus auf innovative Geschäftsmodelle, Games, KI und Finanzierungsberatung.

Welcome Back!

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
  • Informationen
    • Ideal partner
    • About lawyer Marian Härtel
    • Quick and flexible access
    • Principles as a lawyer
    • Why a lawyer and business consultant?
    • Focus areas of attorney Marian Härtel
      • Focus on start-ups
      • Investment advice
      • Corporate law
      • Cryptocurrencies, Blockchain and Games
      • AI and SaaS
      • Streamers and influencers
      • Games and esports law
      • IT/IP Law
      • Law firm for GMBH,UG, GbR
      • Law firm for IT/IP and media law
    • The everyday life of an IT lawyer
    • How can I help clients?
    • Testimonials
    • Team: Saskia Härtel – WHO AM I?
    • Agile and lean law firm
    • Price overview
    • Various information
      • Terms
      • Privacy policy
      • Imprint
  • Services
    • Support and advice of agencies
    • Contract review and preparation
    • Games law consulting
    • Consulting for influencers and streamers
    • Advice in e-commerce
    • DLT and Blockchain consulting
    • Legal advice in corporate law: from incorporation to structuring
    • Legal compliance and expert opinions
    • Outsourcing – for companies or law firms
    • Booking as speaker
  • News
    • Gloss / Opinion
    • Law on the Internet
    • Online retail
    • Law and computer games
    • Law and Esport
    • Blockchain and web law
    • Data protection Law
    • Copyright
    • Labour law
    • Competition law
    • Corporate
    • EU law
    • Law on the protection of minors
    • Tax
    • Other
    • Internally
  • Podcast
    • ITMediaLaw Podcast
  • Knowledge base
    • Laws
    • Legal terms
    • Contract types
    • Clause types
    • Forms of financing
    • Legal means
    • Authorities
    • Company forms
    • Tax
    • Concepts
  • Videos
    • Information videos – about Marian Härtel
    • Videos – about me (Couch)
    • Blogpost – individual videos
    • Videos on services
    • Shorts
    • Podcast format
    • Third-party videos
    • Other videos
  • Contact
  • en English
  • de Deutsch
Kostenlose Kurzberatung